Amendments to the Claims 



This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

1 . (Currently Amended) A certification authority for generating certificates in 
response to respective certification requests, the certification authority comprising: 

At a general-purpose computer that is bootable from a removable medium; 

and 

Br a removable medium comprising a machine readable medium having 
encoded thereon: 

h an operating system module configured to enable the computer to 
boot an operating system from the removable medium; and 
Ur a certificate generation module configured to, after the computer 
has been booted, initiate a certificate generation session and control the 
computer to facilitate the generation of at least one certificate , as the 
certification authority, in response to an associated certification request^ 

wherein the computer, upon booting from the removable medium, is dedicated as the 

certification authority during the certificate generation session and executes only 

operations related to the certificate generation session, and 

wherein remote control of the computer is prevented while the computer is 

dedicated as the certification authority . 

2. (Previously Presented) A certification authority as defined in claim 1 in which said 
certification authority operates under control of an operator, the certificate generation 
module enabling the computer to display certification request information associated 
with the certification request to the operator and receive operator input information from 
an operator, the certificate generation module enabling the computer to use the input 
information from the operator in generating the at least one certificate. 
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3. (Previously Presented) A certification authority as defined in claim 2 in which the 
operator input information includes operator authentication information, the certificate 
generation module including an authentication module configured to enable the 
computer to receive the operator authentication information and verify that the operator 
is authorized to control the certification authority. 

4. (Currently Amended) A certification authority as defined in claim 3 in which the 
certificate includes an digital signature comprising a signature that is generated using 
private encryption key, the certificate generation module including 

At an encrypted private key; 

Br a decryption module configured to enable the computer to use the 
operator authentication information to decrypt the encrypted private key thereby 
to obtain a private key; and 

Gt a digital signature module configured to enable the computer to generate 
a digital signature from information in the at least one certificate using the private 
key. 

5. (Currently Amended) A certification authority as defined in claim 2 in which the 
certificate generation module further includes: 

At a certification request information display module configured to enable the 
computer to display certification request information to the operator; and 
Br a certification request edit module configured to enable the computer to 
receive certification request modification information from the operator and 
update information in the certification request in response thereto. 

6. (Previously Presented) A certification authority as defined in claim 2 in which the 
certificate generation module further includes a certification request approval module 
configured to enable the computer to receive operator input information comprising a 
certification certificate request approval and generate the certificate request in response 
thereto. 
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7. (Previously Presented) A certification authority as defined in claim 1 in which the 
certificate generation module further includes a certification request verification module 
configured to enable said computer to determine whether the information in the at least 
one certification request is in a predetermined format. 

8. (Original) A certification authority as defined in claim 1 in which the computer is 
connected to retrieve certification requests from a remote storage location, the 
certificate generation module further including a communication control module 
configured to enable the computer to retrieve certification requests from the remote 
storage location. 

9. (Currently Amended) A computer program product for use in connection with a 
general purpose computer to form a certification authority for generating certificates in 
response to respective certification requests, the computer being bootable from a 
removable medium, the computer program product comprising a removable medium in 
the form of a machine readable medium having encoded thereon: 

At an operating system module configured to enable the computer to boot an 
operating system from the removable medium; and 

St a certificate generation module configured to, after the computer has been 
booted, initiate a certificate generation session and control the computer to 
facilitate the generation of at least one certificate , as the certification authority, in 
response to an associated certification request^ 

wherein the computer upon booting from the removable medium, is dedicated as the 

certification authority during the certificate generation session and executes only 

operations related to the certificate generation session, and 

wherein remote control of the computer is prevented while the computer is 

dedicated as the certification authority . 

10. (Original) A computer program product as defined in claim 9 in which said 
certification authority operates under control of an operator, the certificate generation 
module enabling the computer to display certification request information associated 
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with the certification request to the operator and receive operator input information from 
an operator, the certificate generation module enabling the computer to use the input 
information from the operator in generating the at least one certificate. 

1 1 . (Original) A computer program product as defined in claim 10 in which the 
operator input information includes operator authentication information, the certificate 
generation module including an authentication module configured to enable the 
computer to receive the operator authentication information and verify that the operator 
is authorized to control the certification authority. 

12. (Currently Amended) A computer program product as defined in claim 1 1 in 
which the certificate includes a signature comprising a signature that is encrypted using 
a private encryption key, the certificate generation module including 

At an encrypted private key; 

Br a decryption module configured to enable the computer to use the 
operator authentication information to decrypt the encrypted private key thereby 
to obtain a private key; and 

Gt a digital signature module configured to enable the computer to generate 
a digital signature from information in the at least one certificate and encrypt the 
digital signature using the private key. 

13. (Currently Amended) A computer program product as defined in claim 10 in 
which the certificate generation module further enables the operator to receive operator 
input information relating to information in the certification request, the certificate 
generation module further including: 

At a certification request information display module configured to enable the 
computer to display certification information to the operator; and 
Br a certification request edit module configured to enable the computer to 
receive certification request modification information from the operator and 
update information in the certification request in response thereto. 
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14. (Previously Presented) A computer program product as defined in claim 10 in 
which the certificate generation module further includes a certification request approval 
module configured to enable the computer to receive operator input information 
comprising a certification request approval and generate the certificate in response 
thereto. 

15. (Previously Presented) A computer program product as defined in claim 9 in 
which the certificate generation module further includes a certification request 
verification module configured to enable said computer to determine whether the 
information in the at least one certification request is in a predetermined format. 

16. (Original) A computer program product as defined in claim 9 in which the 
computer is connected to retrieve certification requests from a remote storage location, 
the certificate generation module further including a communication control module 
configured to enable the computer to retrieve certification requests from the remote 
storage location. 
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